Hacker News new | past | comments | ask | show | jobs | submit login

Kill switch has been found: https://twitter.com/PTsecurity_UK/status/879779707075665922



The killswitch: https://twitter.com/0xAmit/status/879789734469488642


This confirmed to work? Anyone else speak on this? If so props to the guy who discovered this.


It is, although it isn't really a 'kill switch' in the sense it can't be deployed universally, but per system it works. This could be considered temporary though, as is turning off your computer if infected and NOT turning it back on. The encryption only takes effect after a restart.


Is a kill switch purpose to protect against a new infection? It doesn't help decrypting the files i guess? What is it used for?


Why would a ransomware author include a killswitch in their software?


Even ransomeware authors accidentally infect themselves and lose keys.


It's a means to detect sandboxing, either for testing or to foil analysis attempts by third parties.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: